i recently had my site affected by the placement of various php files onto my server.  These files "merely" spoofed googlebot into seeing different content than the public viewed, thus messing up my keywords temporarily.  Luckily I noticed it fairly quickly and was able to recover from this with the assistance of LP Support. 

In the process of discussing this attack with a support agent it was brought to my attention that a WordPress Fantastico installation which I had just recently installed was out of date and was used as the entry in this exploit. 

Now I'm sure that the many LP clients who have installed WP aren't aware of this vulnerability.  My suggestion is that LP should think about Security Bulletin emails to all clients whenever there is an affected installation that needs to be updated.  The Fantastico update took all of a minute to do, and it would have saved me a lot of time if there had been some kind of public notification of the availability of the update.

I respect the fact that it's the clients responsibility to keep scripts up to date, but at least the monthly Lunarpages email (unless I missed it) would be a good place to advertise these security issues, or as I said a separate Security Bulletin, or at least a message on the Security forums.  I apologize if there was such a notice and I missed it, but if that's the case then obviously it could have been made to be more noticeable.

Thanks.

Found two good resources - (credit goes to Tristan) http://secunia.com/advisories/historic/ and the search page for it - http://secunia.com/advisories/search/?search=wordpress

I might see if I can also do some type of security alert or roundup via the monthly newsletter too.

If anybody else has suggestions or resources, feel free to share!